Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV)

This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. This course is based on ScreenOS version 6.2.

The course combines both lecture and labs, with significant time allocated for hands-on experience. When completing this course, you should be confident in your ability to configure Juniper Networks firewall/VPN products in a wide range of installations.

Course Outline

Day 1

Chapter 1: Course Introduction

Chapter 2: ScreenOS Concepts, Terminology, and Platforms

  • Security Device Requirements

  • ScreenOS Security Architecture

  • Juniper Networks Platforms


Chapter 3: Initial Connectivity

  • System Components

  • Establishing Connectivity

  • Verifying Connectivity

  • Lab 1: Initial Configuration


Chapter 4: Device Management

  • Management

  • Recovery

  • Lab 2: Device Administration


Day 2

Chapter 5: Layer 3 Operations

  • Need for Routing

  • Configuring Layer 3

  • Verifying Layer 3

  • Loopback Interface

  • Interface-Based NAT

  • Lab 3: Layer 3 Operations


Chapter 6: Basic Policy Configuration

  • Functionality

  • Policy Configuration

  • Common Problems

  • Global Policy

  • Verifying Policies Lab 4: Basic Policy Configuration


Chapter 7: Policy Options

  • Overview

  • Logging

  • Counting

  • Scheduling

  • User Authentication

  • Lab 5: Policy Options


Chapter 8: Address Translation

  • Scenarios

  • NAT-src

  • NAT-dst

  • VIP Addresses

  • MIP Addresses

  • Lab 6: Address Translation


Day 3

Chapter 9: VPN Concepts

  • Concepts and Terminology

  • IP Security


Chapter 10: Policy-Based VPNs

  • Configuration

  • Verifying Operations

  • Lab 7: Policy-Based VPNs


Chapter 11: Route-Based VPNs

  • Concepts and Terminology

  • Configuring VPNs

  • Verifying Operations

  • Lab 8: Route-Based VPNs


Chapter 12: IPv6

  • IPv6 Concepts

  • Configuration

  • Verifying IPv6 Operations

  • Lab 9: IPv6


Appendix A: Additional Features

  • Hardware


Appendix B: Transparent Mode

  • Description

  • Configuration

  • Verifying Operations

  • Lab 10: Transparent Mode (Optional)

Audience

This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.