Configuring Juniper Networks Firewall/IPsec VPN Products

This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. This course is based on ScreenOS version 6.3r14.

Objetivos

After successfully completing this course, you should be able to:

Explain the ScreenOS security architecture.
Configure administrative access and options.
Back up and restore configuration and ScreenOS files.
Configure a ScreenOS device in transparent, route, Network Address Translation (NAT), and IP version 6 (IPv6) modes.
Discuss the applications of multiple virtual routers.
Configure the ScreenOS firewall to permit and deny traffic based on user-defined policies.
Configure advanced policy options.
Identify and configure network designs for various types of network address translation.
Configure policy-based and route-based VPN tunnels.

Ciberseguridad

Disponible en formato e-learning

Disponible en formato presencial

Disponible en formato a distancia

Subvención disponible
A través de Fundae, cumpliendo requisitos.

Duración
15 horas

  • Dificultad 50% 50%
  • Nivel alcanzado 80% 80%

Dirigido a

This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.

Conocimientos requeridos

This course assumes that students have basic networking knowledge and experience in the following areas:

The Internet;
Networking concepts; and
Terms including TCP/IP, bridging, switching, and routing.

Temario

Day 1

Chapter 1: Course Introduction

Chapter 2: ScreenOS Concepts, Terminology, and Platforms

Security Device Requirements
ScreenOS Security Architecture
Juniper Networks Platforms
Chapter 3: Initial Connectivity

System Components
Establishing Connectivity
Verifying Connectivity
Lab: Initial Configuration
Chapter 4: Device Management

Management
Recovery
Lab: Device Administration
Day 2

Chapter 5: Layer 3 Operations

Need for Routing
Configuring Layer 3
Verifying Layer 3
Loopback Interface
Interface-Based NAT
Lab: Layer 3 Operations
Chapter 6: Basic Policy Configuration

Functionality
Policy Configuration
Common Problems
Global Policy
Verifying Policies
Lab: Basic Policy Configuration
Chapter 7: Policy Options

Overview
Logging
Counting
Scheduling
User Authentication
Lab: Policy Options
Chapter 8: Address Translation

Scenarios
NAT-src
NAT-dst
VIP Addresses
MIP Addresses
Lab: Address Translation
Day 3

Chapter 9: VPN Concepts

Concepts and Terminology
IP Security
Chapter 10: Policy-Based VPNs

Configuration
Verifying Operations
Lab: Policy-Based VPNs
Chapter 11: Route-Based VPNs

Concepts and Terminology
Configuring VPNs
Verifying Operations
Lab: Route-Based VPNs
Chapter 12: IPv6

IPv6 Concepts
Configuring IPv6
Verifying IPv6
Lab: IPv6
Appendix A: Additional Features

Hardware
Appendix B: Transparent Mode

Description
Configuration
Verifying Operations
Lab: Transparent Mode (Optional)

Solicita información del curso