This three-day course covers configuration, operation, and implementation of SRX Series Services
Gateways in a typical network environment. Key topics within this course include security
technologies such as security zones, security policies, intrusion detection and prevention (IDP),
Network Address Translation (NAT), and high availability clusters, as well as details pertaining to
basic implementation, configuration, and management.
This course benefits operators of SRX Series devices. These operators include network engineers,
administrators, support personnel, and reseller support personnel.
After you complete this course you will be able to:
Describe traditional routing and security and the current trends in internetworking.
Provide an overview of SRX Series devices and software architecture.
Describe the logical packet flow and session creation performed by SRX Series devices.
Describe, configure, and monitor zones.
Describe, configure, and monitor security policies.
Describe, configure, and monitor firewall user authentication.
Describe various types of network attacks.
Configure and monitor SCREEN options to prevent network attacks.
Explain, implement, and monitor NAT on Junos security platforms.
Explain the purpose and mechanics of IP Security (IPsec) virtual private networks (VPNs).
Implement and monitor policy-based and route-based IPsec VPNs.
Utilize and update the IDP signature database.
Configure and monitor IDP policy with policy templates.
Describe, configure, and monitor high availability chassis clusters.
Attendees should meet the following prerequisites:
Students should have basic networking knowledge and an understanding of the Open Systems
Interconnection (OSI) reference model and the TCP/IP protocol suite. Students should also either
attend the Introduction to the Junos Operating System (IJOS) and Junos Routing Essentials (JRE)
courses prior to attending this class, or have equivalent experience with the Junos OS.
Introduction to Junos security platforms
Breaking the Tradition
The Junos OS Architecture
The Definition of Zones
Monitoring Security Zones
Lab 1: Configuring and Monitoring Zones
Overview of Security Policy
Verifying Policy Operation
Policy Scheduling and Rematching
Policy Case Study
Lab 2: Security Policies
Firewall User Authentication
Firewall User Authentication Overview
Using External Authentication Servers
Verifying Firewall User Authentication
Lab 3: Configuring Firewall Authentication
Multilayer Network Protection
Stages and Types of Attacks
Using Junos SCREEN Options-Reconnaissance Attack Handling
Using Junos SCREEN Options-Denial of Service Attack Handling
Using Junos SCREEN Options-Suspicious Packets Attack Handling
Applying and Monitoring SCREEN Options
Lab 4: Implementing SCREEN Options
Network Address Translation
Source NAT Operation and Configuration
Destination NAT Operation and Configuration
Static NAT Operation and Configuration
Monitoring and Verifying NAT Operation
Lab 5: Network Address Translation
Secure VPN Requirements
Configuration of IPsec VPNs
IPsec VPN Monitoring
Lab 6: Implementing IPsec VPNs
Introduction to Intrusion Detection and Prevention
If you need training for 3 or more people, you should ask us about onsite training. Putting
aside the obvious location benefit, content can be customised to better meet your
business objectives and more can be covered than in a public classroom. It's a cost effective option.
Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or
simply mention it when we contact you.