Advanced Junos Security (AJSEC)

This three-day course, which is designed to build off of the current Junos Security (JSEC) offering, delves deeper into Junos security.

Through demonstrations and hands-on labs, you will gain experience in configuring and monitoring the advanced Junos operating system security features with advanced coverage of IPsec deployments, virtualization, AppSecure, advanced Network Address Translation (NAT) deployments, and Layer 2 security. This course uses Juniper Networks SRX Series Services Gateways for the hands-on component, but the lab environment does not preclude the course from being applicable to other Juniper hardware platforms running the Junos OS. This course is based on Junos OS Release 12.1R1.9.

Course Outline

Day 1

Chapter 1: Course Introduction

Chapter 2: AppSecure

  • AppSecure Overview

  • AppID

  • AppTrack

  • AppFW

  • AppDoS

  • AppQoS

  • Lab 1: Implementing AppSecure

Chapter 3: Junos Layer 2 Packet Handling and Security Features

  • Transparent Mode Security

  • Layer 2 Ethernet Switching

  • Lab 2: Implementing Layer 2 Security

Chapter 4: Virtualization

  • Virtualization Overview

  • Routing Instances

  • Logical Systems

  • Lab 3: Implementing Junos Virtual Routing

Day 2

Chapter 5: Advanced NAT Concepts

  • Operational Review

  • NAT: Beyond Layer 3 and Layer 4 Headers

  • DNS Doctoring

  • IPv6 NAT

  • Advanced NAT Scenarios

  • Lab 4: Advanced NAT Implementations

Chapter 6: IPsec Implementations

  • Standard VPN Implementations Review

  • Public Key Infrastructure

  • Hub-and-Spoke VPNs

  • Lab 5: Hub-and-Spoke IPsec VPNs

Day 3

Chapter 7: Enterprise IPsec Technologies: Group and Dynamic VPNs

  • Group VPN Overview

  • GDOI Protocol

  • Group VPN Configuration and Monitoring

  • Dynamic VPN Overview

  • Dynamic VPN Implementation

  • Lab 6: Configuring Group VPNs

Chapter 8: IPsec VPN Case Studies and Solutions

  • Routing over VPNs

  • IPsec with Overlapping Addresses

  • Dynamic Gateway IP Addresses

  • Enterprise VPN Deployment Tips and Tricks

  • Lab 7: Implementing Advanced IPsec VPN Solutions

Chapter 9: Troubleshooting Junos Security

  • Troubleshooting Methodology

  • Troubleshooting Tools

  • Identifying IPsec Issues

  • Lab 8: Performing Security Troubleshooting Techniques

Appendix A: SRX Series Hardware and Interfaces

  • Branch SRX Platform Overview

  • High End SRX Platform Overview

  • SRX Traffic Flow and Distribution

  • SRX Interfaces


This course benefits individuals responsible for implementing, monitoring, and troubleshooting Junos security components.