Microsoft Course Lists
JESS - Junos Edge Security Services
- Duration: 2 days
- Test Level: 0
- Certifications: No Certification
- Price: $1400
- Exams: No Exam
This two-day course is designed to provide students with the knowledge required to configure and manage edge security services on devices running the Junos operating system. This course focuses on the main configuration components of edge security services, including service set configuration and service processing, stateful firewall services, IPsec services, threat management, CGN technologies, softwire technologies, high availability, and load balancing.
This course uses service delivery gateways on MX Series 3D Universal Edge Routers for the hands-on component. This course is based on Junos software Release 12.3R2.5.
This course benefits individuals responsible for configuring and monitoring devices running the Junos OS and specifically, the Junos Services Framework.
After successfully completing this course, you should be
able to:
- Provide
an overview of security features enabled using MX Series services.
- Describe
services, service sets, and service interfaces.
- Enable
MX Series services.
- Describe
the packet processing through services on MX Series devices employing
security services.
- Demonstrate
knowledge of stateful firewall traffic flows through an MX Series device.
- Implement
stateful firewall rules on MX Series devices.
- Provide
an overview of IPsec technology.
- Configure
and monitor IPsec operation on an MX Series device.
- Troubleshoot
IPsec operations.
- Provide
an overview of application awareness services on MX Series devices.
- Implement
Application-Aware Access Lists on MX Series devices.
- Describe
how to mitigate IPv4 address exhaustion.
- Explain
how to implement NAT.
- Describe
the different CGN implementations.
- Describe
how to implement NAT444.
- Explain
how to implement NAT64.
- Describe
how to implement 6rd.
- Explain
how to implement DS-Lite.
- Describe
MS PIC redundancy.
- Explain
how to implement CGN logging.
- Describe
various NAT pool and port options.
- Describe
ECMP load-balancing as it pertains to CGN.
- Explain
VRF-based CGN deployments.
- Explain HA availability as it pertains to CGN.
Day 1
Chapter 1: Course Introduction
Chapter 2: MX Series Services
- Product
Overview
- Service
Interfaces
- Service
Sets
- Rules
- Service
Packet Processing
Chapter 3: Stateful Firewall Services
- Stateful
Versus Stateless Firewalls
- Traffic
Flows
- Firewall
Rules
- Configuration
and Monitoring
- Implementing Stateful
Firewall Services Lab
Chapter 4: IPsec Services
- IPsec
Overview
- IPsec
Configuration on MX Series Devices
- IPsec
Monitoring
- IPsec
Implementations
- Implementing
IPsec Services Lab
Chapter 5: Threat Management
- MP-SDK
Packages
- Application
Identification
- Local
Policy Decision Function (L-PDF) Overview
- Application-Aware
Access Lists (AACL)
Day 2
Chapter 6: IPv4 and IPv6 Integration
- IPv4
Address Exhaustion
- IPv4
to IPv6 Migration Risks
- IPv4
to IPv6 Migration Techniques
Chapter 7: CGN Implementation
- Implementing
NAT444
- Implementing
NAT64
- Implementing
CGN Lab
Chapter 8: Softwire Technologies
- Softwires
Overview
- Implementing
and Monitoring 6rd
- Deploying
and Monitoring DS-Lite
- Deploying
Softwire Technologies Lab
Chapter 9: High Availability and Load Balancing
- Service
PIC Redundancy
- CGN
Redundancy
- 6rd
and DS-Lite Redundancy
- CGN
ECMP Load Balancing
- High Availability and Load Balancing Lab
• Students should have experience working with the Junos OS.• Students should have experience with security concepts such as stateful firewall, IPsec, and NAT.• Students should have familiarity with dynamic routing protocols, MPLS VPNs, and Junos policy.
Students should also attend the Junos Intermediate Routing (JIR) course prior to attending this class.