Configuring Juniper Networks Firewall/IPSec VPN Products (CJFV) — A 3 day course
Synopsis
This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations.
Configuring Juniper Networks Firewall/IPsec VPN Products is an introductory level course.
Objectives
After successfully completing this course, delegates should be able to:
- Explain the ScreenOS security architecture
- Configure administrative access and options
- Back up and restore configuration and ScreenOS files
- Configure a ScreenOS device in transparent, route, Network Address Translation (NAT), and IP version 6 (IPv6) modes
- Discuss the applications of multiple virtual routers
- Configure the ScreenOS firewall to permit and deny traffic based on user-defined policies
- Configure advanced policy options
- Identify and configure network designs for various types of network address translation
- Configure policy-based and route-based VPN tunnels
Contents
Course Introduction
ScreenOS Concepts, Terminology and Platforms
- Security Device Requirements
- ScreenOS Security Architecture
- Juniper Networks Platforms
Initial Connectivity
- System Components
- Establishing Connectivity
- Verifying Connectivity
- Lab: Initial Configuration
Device Management
- Management
- Recovery
- Lab: Device Administration
Layer 3 Operations
- Need for Routing
- Configuring Layer 3
- Verifying Layer 3
- Loopback Interface
- Interface-Based NAT
- Lab: Layer 3 Operations
Basic Policy Configuration
- Functionality
- Policy Configuration
- Common Problems
- Global Policy
- Verifying Policies
- Lab: Basic Policy Configuration
Policy Options
- Overview
- Logging
- Counting
- Scheduling
- User Authentication
- Lab: Policy Options
Address Translation
- Scenarios
- NAT-src
- NAT-dst
- VIP Addresses
- MIP Addresses
- Lab: Address Translation
VPN Concepts
- Concepts and Terminology
- IP Security
Policy-Based VPNs
- Configuration
- Verifying Operations
- Lab: Policy-Based VPNs
Route-Based VPNs
- Concepts and Terminology
- Configuring VPNs
- Verifying Operations
- Lab: Route-Based VPNs
IPv6
- IPv6 Concepts
- Configuring IPv6
- Verifying IPv6
- Lab: IPv6
Appendix A: Additional Features
- Hardware
Appendix B: Transparent Mode
- Description
- Configuration
- Verifying Operations
- Lab: Transparent Mode (Optional)
Publicly scheduled dates, locations, and prices
A schedule of dates for this subject is not currently available. Please call 0333 210 0140 or use our contact form to enquire about places and availability.
Suitable For
This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.
Prerequisites
This course assumes that students have basic networking knowledge and experience in the following areas:
- The Internet
- Networking Concepts
- TCP/IP
- Bridging
- Switching
- Routing