Juniper JNCIA Security

Juniper JNCIA Security

www.sevenmentor.com

www.sevenmentor.com

JunOS Security Overview

1. Junos security architecture2. Branch vs. high-end platforms3. Major hardware components of SRX Series services gateways4. Packet ow5. Packet-based vs. session-based forwarding Zones

1. Zone types2. Dependencies3. Host inbound packet behavior4. Screens5. Transit packet behavior6. Zone conguration steps7. Hierarchy priority (Inheritance)8. Screens9. Monitoring and troubleshooting Security Policies

1. Policy types2. Policy components3. Policy ordering4. Host inbound trafc examination5. Transit trafc examination6. Scheduling7. Rematching8. ALGs9. Address books10. Applications11. Policies12. ALGs13. Address books14. Custom applications15. Monitoring and troubleshooting

www.sevenmentor.com

NAT

1. NAT types2. NAT/PAT processing3. DNS Doctoring4. Cone NAT5. IPv4 to IPv66. Address persistence7. NAT proxy ARP8. NAT conguration steps9. Monitoring and troubleshooting

IPSec VPN

1. Secure VPN characteristics and components2. IPSec tunnel establishment3. IPSec trafc processing4. Group VPN5. ADVPN6. PKI7. Dynamic VPN8. Junos OS IPsec implementation options9. IPSec VPN conguration steps10. Monitoring and troubleshooting

IPSec VPN

1. Installation2. Clustering with vSRX3. Deployment scenarios4. Troubleshooting

Virtual SRX

www.sevenmentor.com

Routing Policy and Firewall Filters

1. HA features and characteristics2. Deployment requirements and considerations3. Chassis cluster characteristics and operation4. Cluster modes5. Cluster and node IDs6. Redundancy groups7. Cluster interfaces8. Real-time objects9. State synchronization10. Ethernet switching considerations11. IPSec considerations12. Manual failover13. Cluster preparation14. Cluster conguration steps15. Monitoring and troubleshooting