Juniper Networks Security Solutions


Course No: EDU-JUN-JNSS

Course Overview

Securing critical network infrastructure is one of today's hottest topics. This lab-intensive, hands-on, four-day course illustrates current best security practices for the Juniper Networks M-series and T-series platforms in the context of numerous real-world networking scenarios. The configuration, operation, and monitoring of JUNOS software features that enhance network security or provide visibility into the nature of a given attack are detailed within each scenario.

Prerequisites

A Juniper Networks Security Solutions (JNSS) student should be able to configure a simple OSPF and BGP network without assistance and should have a working knowledge of JUNOS software configuration syntax to the extent covered in the Configuring Juniper Networks Routers course. Students should also understand TCP/IP applications and protocols listed under the prerequisites for the Configuring Juniper Networks Routers class.

Course Contents

Day 1

Module 0: Introduction and Overview
Module 1: Network Security Overview

  • The Need for Network Security
  • Juniper Networks Role
  • Fundamentals of Network Security
  • Additional Resources
  • Juniper Networks Security Solutions Course Description
  • Lab 1: Network Configuration

Module 2: Securing Access to the Router

  • Why Secure CLI Access Is Needed
  • Configuring Root Authentication
  • Configuring Login Users and Classes
  • Lab 2: Securing Access to the Router

Module 3: RADIUS and TACACS+

  • Remote Authentication Servers
  • Advantages and Disadvantages of Authentication Servers
  • Setting the Authentication Order
  • Mapping Remote Users to Local Users
  • Understanding and Configuring RADIUS
  • Understanding and Configuring TACACS+
  • Extended Responses
  • Lab 3: RADIUS and TACACS+

Module 4: Accessing the Router Remotely

  • Remote Access Methods
  • Telnet and FTP
  • Rlogin and Finger
  • SSH
  • SCP
  • Remote Access Summary and Case Study
  • Lab 4: Accessing the Router Remotely

Day 2

Module 5: Using System Logging and NTP

  • The Necessity of Remote System Logging
  • Using Syslog
  • Using the Network Time Protocol
  • Lab 5: Using System Logging and NTP

Module 6: Securing the Routing Protocols

  • Routing Protocol Authentication
  • Securing RIP
  • Securing OSPF
  • Securing IS-IS
  • Securing BGP
  • Securing MPLS Signaling Protocols
  • Additional Routing Security
  • Lab 6: Securing the Routing Protocols

Module 7: Firewall Filters

  • Purpose and Architecture of Packet Filtering
  • Firewall Filter Structure
  • Firewall Filter Evaluation
  • Filter Match Conditions
  • Filter Actions
  • Filter Modifiers
  • Application of Filters
  • Case Studies
  • Lab 7: Firewall Filters

Day 3

Module 8: Rate Policing

  • Rate Policing Overview
  • Configuring Rate Policing
  • Interface Policers
  • Prefix-Specific Counters and Policers
  • Lab 8: Rate Policing

Module 9: Traffic Sampling

  • Traffic Sampling Overview
  • Case Study
  • Lab 9: Traffic Sampling

Day 4

Module 10: cflowd

  • cflowd Overview
  • The Architecture of cflowd
  • Configuring cflowd Output
  • Viewing cflowd Output
  • Using cflowd
  • Lab 10: cflowd

Module 11: Analyzing Network Traffic

  • The Need for Network Traffic Analysis
  • Port Mirroring
  • Configuring Port Mirroring
  • Filter-Based Forwarding
  • Configuring Filter-Based Forwarding
  • Active Monitoring
  • Configuring Active Monitoring
  • Discard Accounting
  • Configuring Discard Accounting
  • Passive Monitoring
  • Lab 11: Active Monitoring and cflowd

Module 12: Monitoring Traffic with SNMP, Accounting and DCU

  • Service Provider Security Response
  • Network Management
  • SNMP
  • Accounting Options
  • Destination Class Usage (DCU)
  • Rapid Mitigation Deployment
  • Lab 12: DDoS Traceback and Mitigation

Module 13: Spoof Prevention

  • What Is Spoofing?
  • Blocking Spoofed Packets with Firewall Filters
  • Blocking Spoofed Packets with Unicast Reverse Path Forwarding
  • Considerations When Using Unicast Reverse Path Forwarding
  • Lab 13: uRPF

Module 14: Perimeter Security–Stateful Firewall

  • Adaptive Services PIC Overview
  • Overview of the Stateful Firewall
  • Configuring the Stateful Firewall
  • Monitoring the Stateful Firewall
  • Troubleshooting Services
  • Lab 14: Stateful Firewall

Module 15: Perimeter Security–Intrusion Detection System

  • Overview of the Intrusion Detection System
  • Configuring the Intrusion Detection System
  • Monitoring the Intrusion Detection System
  • Lab 15: Intrusion Detection System

Module 16: Perimeter Security–NAT

  • Network Address Translation Overview
  • Network Address Port Translation Overview
  • Configuring NAT/NAPT
  • Monitoring NAT/NAPT
  • Lab 16: Network Address Translation

 

 

 

Alanında uzmanlaşmış yüksek nitelikli bir teknik ekibe sahip olan BNTPRO, Enterprise Routing uzmanlığının ön koşullarını tamamlayarak Juniper Networks’ün Elite Partner’ı oldu.

BNTPRO Juniper Networks’le yapmış olduğu anlaşma neticesinde Juniper’ın Türkiye’deki tek yetkili eğitim merkezi olmaya hak kazanmıştır.

Juniper Networks’ün yetkili eğitim merkezi olarak eğitim portföyünü genişletmeye devam ediyor.
 

 

Copyright ©2008     BNTPRO Bilgi ve İletişim Hizmetleri Ltd. Şti. | Site Haritasi