JNCIS-FWV

Configuring Juniper Networks Firewall/IPSec VPN Products (24hrs)

Course Overview

This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the Juniper Networks firewall/VPN products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations.

The course combines both lecture and labs, with significant time allocated for hands-on experience. Students completing this course should be confident in their ability to configure Juniper Networks firewall/VPN products in a wide range of installations.

Objectives

After successfully completing this course, you should be able to:

* Explain the Juniper Networks security architecture.
* Configure administrative access and options.
* Back up and restore configuration and ScreenOS files.
* Configure a Juniper Networks device in transparent, route, and NAT modes.
* Discuss the applications of multiple virtual routers.
* Configure the Juniper Networks firewall to permit and deny traffic based on user-defined policies.
* Configure advanced policy options.
* Identify and configure network designs for various types of network address translation.
* Configure policy-based and route-based VPN tunnels.

Intended Audience

This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.

Course Level

This is an introductory-level course.

Prerequisites

This course assumes that students have basic networking knowledge and experience in the following areas:

* The Internet;
* Networking concepts; and
* Terms including TCP/IP, bridging, switching, and routing.

Course Contents

Module 1: Course Introduction

Module 2: ScreenOS Concepts, Terminology, and Platforms

* Security Device Requirements
* ScreenOS Security Architecture
* Juniper Networks Platforms

Module 3: Initial Connectivity

* System Components
* Establishing Connectivity
* Verifying Connectivity
* Lab 1: Initial Configuration

Module 4: Device Management

* Management
* Recovery
* Lab 2: Device Administration

Module 5: Layer 3 Operations

* Need for Routing
* Configuring Layer 3
* Verifying Layer 3
* Loopback Interface
* Interface-Based NAT
* Lab 3: Layer 3 Operations

Module 6: Basic Policy Configuration

* Functionality
* Policy Configuration
* Common Problems
* Global Policy
* Verifying Policies
* Lab 4: Basic Policy Configuration

Module 7: Policy Options

* Overview
* Logging
* Counting
* Scheduling
* User Authentication
* Lab 5: Policy Options

Module 8: Address Translation

* Scenarios
* NAT-src
* NAT-dst
* VIP Addresses
* MIP Addresses
* Lab 6: Address Translation

Module 9: Transparent Mode (Optional)

* Description
* Configuration
* Verifying Operations
* Lab 7: Transparent Mode

Module 10: VPN Concepts

* Concepts and Terminology
* IP Security

Module 11: Policy-Based VPNs

* Configuration
* Verifying Operations
* Lab 8: Policy-Based VPNs

Module 12: Route-Based VPNs

* Concepts and Terminology
* Configuring VPNs
* Verifying Operations
* Lab 9: Route-Based VPNs

Module 13: Additional Features

* Hardware

Integrating Juniper Networks Firewalls/IPSec VPNs into High-Performance Networks (24hrs)

Course Overview

This three-day course focuses on the ScreenOS features that are typically required in large-scale networks, including dynamic routing, virtual systems, traffic shaping, and high availability. Upon completing this course, students should be able to return to work and successfully install, configure, and verify that a ScreenOS-based device is interoperating in the network as desired. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting these advanced features of ScreenOS software.

Objectives

After successfully completing this course, you should be able to:

* Configure virtual systems, including standard, IP-based, and transparent mode.
* Configure dynamic routing protocols, including OSPF and BGP.
* Configure multicast operations, including IGMP and PIM-SM.
* Configure high availability in both static routing and dynamic routing environments.
* Configure traffic shaping features.
* Verify operations and troubleshoot all previous configurations.

Intended Audience

This course is intended for network engineers, network support personnel, and reseller support personnel.

Course Level

This is an intermediate-level course.

Prerequisites

Prerequisites for this course include the following:

* Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent product experience;
* Completion of the Security Manager Fundamentals (SMF) course or equivalent product experience if using Security Manager; and
* General networking knowledge, including Ethernet, TCP/IP, and routing concepts.

Course Contents

Module 1: Course Introduction

Module 2: ScreenOS VPN Basics Review

* Concepts Review
* Configuration Review
* Lab 1: ScreenOS Basics Review

Module 3: OSPF

* OSPF Operations
* OSPF Configuration
* Verification and Troubleshooting
* Lab 2: Part 1–Configuring OSPF
* Route Redistribution
* Lab 2: Part 2–Configuring Redistribution
* Route Optimization
* Lab 2: Part 3–Optimizing Routing Tables

Module 4: BGP

* BGP Operations
* EBGP Configuration
* Filtering on Per-Peer Basis
* Verification and Troubleshooting
* IBGP Configuration
* BGP Connectivity
* Lab 3: Configuring BGP

Module 5: Advanced Static Routing

* Source-Based Routing
* Policy-Based Routing
* Destination Routing
* Lab 4: Configuring Advanced Static Routes

Module 6: Multicast

* IGMP Operations
* IGMP Configuration
* PIM-SM Operations
* PIM-SM Configuration
* Multicast Policies
* Lab 5: Configuring Multicast Support

Module 7: Virtual Systems

* VSYS Operations and Concepts
* Configuring VSYS Using Interface Classification
* Lab 6: Part 1–Creating a VSYS
* VSYS Resource Management
* Inter-VSYS Routing
* Lab 6: Part 2–Inter-VSYS Routing
* Lab 6: Part 3–Route Export
* Address Translation
* Lab 6: Part 4–Address Translation

Module 8: Redundancy

* NSRP Terms and Concepts
* Configuring NSRP Active/Passive
* Configuring NSRP Active/Active, VSD-Less Cluster, and NSRP-Lite
* Tuning Failover Performance
* Redundant Interfaces
* Demo: NSRP

Module 9: Traffic Management

* Need for Traffic Management
* Egress Traffic Shaping
* Ingress Policing
* DSCP Marking

Module 10: Virtual Systems Variations

* VSYS with IP Classification
* Transparent Mode VSYS


Advanced Juniper Networks IPSec VPN Implementations (16hrs)

Course Overview

This two-day, intermediate-level course focuses on the wide range of options available when configuring VPNs using Juniper Networks firewall/VPN products. Students attending the course will learn these various deployments through detailed lectures and hands-on lab exercises.

Objectives

After successfully completing this course, you should be able to:

* Configure LAN-to-LAN IPSec VPNs in various configurations.
* Configure VPN redundancy.
* Configure dynamic routing using IPSec VPNs.
* Configure remote access IPSec connectivity including group IKE and shared IKE.
* Configure GRE tunnels.

Intended Audience

This course is intended for network engineers, network support personnel, and reseller support.

Course Level

This is an intermediate-level course.

Prerequisites

Prerequisites for this course include the following:

* Completion of the Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) course or equivalent experience with ScreenOS software.
* General networking knowledge, including Ethernet, TCP/IP, and routing concepts.

Course Contents

Module 1: Course Introduction

Module 2: ScreenOS VPN Basics Review

* VPN Review
* Verifying Operations
* VPN Monitor
* Lab 1: VPN Review

Module 3: VPN Variations

* Dynamic Peers
* Transparent Mode
* Overlapping Addresses
* Lab 2: VPN Variations

Module 4: Hub-and-Spoke VPNs

* Concepts
* Policy-Based Hub-and-Spoke
* Route-Based, with No Policy, and NHTB
* Route-Based with Policy
* Centralized Control
* AutoConnect-Virtual Private Networks
* Lab 3: Hub-and-Spoke VPNs

Module 5: Routing over VPNs

* Routing Overview
* Configuring RIP
* Configuring OSPF
* Case Studies
* Lab 4: Dynamic Routing

Module 6: Using Certificates

* Concepts and Terminology
* Configuring Certificates and Certificate Support
* Configuring VPNs with Certificates
* Lab 5: Using Certificates

Module 7: Redundant VPN Gateways (Optional)

* Redundant VPN Gateways
* Other Options
* Demo: Redundant VPN Gateways

Module 8: Generic Routing Encapsulation (Optional)

* Configuring GRE

Module 9: Dial-Up IPSec VPNs

* Basic Dial-up Configuration
* Group IKE ID
* XAUTH and Shared IKE ID

Module 11: NetScreen-Remote

* NetScreen-Remote Overview
* Basic Dial-Up
* XAUTH/Shared IKE ID
* Demo: Dial-Up VPNs
* Lab 6: Dial-Up VPNs

Attack Prevention with Juniper Networks Firewalls (8hrs)

Course Overview

This one-day course meets the business need of customers who are deploying the attack prevention features of ScreenOS software. The course focuses specifically on the attack-related features and assumes familiarity with ScreenOS software. Upon completing this course, you should be able to return to work and successfully configure and verify the desired attack prevention features.

Objectives

After successfully completing this course, you should be able to:

* Configure attack prevention features, including:
  * SCREEN options;
  * Deep Inspection; and
  * Antivirus scanning.
* Configure URL filtering.
* Configure antispyware, antispam, and antiphishing filters.

Intended Audience

This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks products.

Course Level

This is an introductory-level course.

Prerequisites

This course assumes that you have basic networking knowledge and experience in the following areas:

* The Internet;
* Networking concepts; and
* Terms including TCP/IP and bridging, switching, and routing.

Course Contents

Module 1: Course Introduction

Module 2: ScreenOS Basics Review

* Concepts Review
* Configuration Review
* Lab 1: ScreenOS Basics Review

Module 3: SCREEN Options

* Multilayer Network Protection
* Types of Attacks
* SCREEN Options Configuration
* SCREEN Best Practices
* Lab 2: SCREEN Options Configuration

Module 4: Deep Inspection

* Deep Inspection Overview
* Attack Database Configuration
* Policy Configuration
* Logging and Monitoring
* Lab 3: Deep Inspection Configuration

Module 5: Antivirus

* Antivirus Operations
* Internal Scanning–HTTP Operations
* Antivirus Configuration–Kaspersky
* Antivirus Configuration–ICAP
* Verifying Operations
* Lab 4: Antivirus Configuration

Module 6: Web Filtering

* Web-Filtering Options
* Web-Filtering Configuration
* Verifying Operations
* Lab 5: Configuring Web Filtering

Module 7: Antispam

* Antispam Concepts
* Antispam Configuration
* Verifying Operations
* Lab 6: Antispam Configuration