Microsoft Course Lists
CJFV - Configuring Juniper Networks Firewall/IPsecVPN Products
- Duration: 3 Days
- Test Level: Basic
- Certifications: JNCIS-FWV
- Price: USD 2700
- Exams: JN0-533
This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. This course is based on ScreenOS version 6.3r14.
This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.
After successfully completing this course, you should be
able to:
- Explain
the ScreenOS security architecture.
- Configure
administrative access and options.
- Back
up and restore configuration and ScreenOS files.
- Configure
a ScreenOS device in transparent, route, Network Address Translation
(NAT), and IP version 6 (IPv6) modes.
- Discuss
the applications of multiple virtual routers.
- Configure
the ScreenOS firewall to permit and deny traffic based on user-defined
policies.
- Configure
advanced policy options.
- Identify
and configure network designs for various types of network address translation.
- Configure policy-based and route-based VPN tunnels.
Day 1
Chapter 1: Course Introduction
Chapter 2: ScreenOS Concepts, Terminology, and Platforms
- Security
Device Requirements
- ScreenOS
Security Architecture
- Juniper
Networks Platforms
Chapter 3: Initial Connectivity
- System
Components
- Establishing
Connectivity
- Verifying
Connectivity
- Lab:
Initial Configuration
Chapter 4: Device Management
- Management
- Recovery
- Lab:
Device Administration
Day 2
Chapter 5: Layer 3 Operations
- Need
for Routing
- Configuring
Layer 3
- Verifying
Layer 3
- Loopback
Interface
- Interface-Based
NAT
- Lab:
Layer 3 Operations
Chapter 6: Basic Policy Configuration
- Functionality
- Policy
Configuration
- Common
Problems
- Global
Policy
- Verifying
Policies
- Lab:
Basic Policy Configuration
Chapter 7: Policy Options
- Overview
- Logging
- Counting
- Scheduling
- User
Authentication
- Lab:
Policy Options
Chapter 8: Address Translation
- Scenarios
- NAT-src
- NAT-dst
- VIP
Addresses
- MIP
Addresses
- Lab:
Address Translation
Day 3
Chapter 9: VPN Concepts
- Concepts
and Terminology
- IP
Security
Chapter 10: Policy-Based VPNs
- Configuration
- Verifying
Operations
- Lab:
Policy-Based VPNs
Chapter 11: Route-Based VPNs
- Concepts
and Terminology
- Configuring
VPNs
- Verifying
Operations
- Lab:
Route-Based VPNs
Chapter 12: IPv6
- IPv6
Concepts
- Configuring
IPv6
- Verifying
IPv6
- Lab:
IPv6
Appendix A: Additional Features
- Hardware
Appendix B: Transparent Mode
- Description
- Configuration
- Verifying
Operations
- Lab: Transparent Mode (Optional)
This course assumes that students have basic networking
knowledge and experience in the following areas:
- The
Internet;
- Networking
concepts; and
- Terms including TCP/IP, bridging, switching, and routing.