info@cambridgeinfotech.in   080- 40943580 / 9902461116

JUNOS Security

Elite, coordinated items, including cutting edge firewalls, for securing networks, applications and access over the whole enterprise network.

In today’s mind boggling environment, if administration solutions are moderate, unintuitive, or confined in their level of granularity and control, network security management can turn out to be excessively tedious and inclined to mistake.

Junos Space Security Director gives security policy management through a natural, incorporated, electronic interface that offers requirement crosswise over rising and customary danger vectors. As an application on the Junos Space stage, Security Director gives broad security scale, granular strategy control, and policy broadness over the network. It helps administrators rapidly deal with all periods of security strategy life cycle for stateful firewall, security intelligence (utilizing danger encourages from Spotlight Secure cloud for insurance against Web application assaults, command and control related dangers, botnets, and local data feeds),unified threat management (UTM), intrusion prevention system (IPS), AppFW, VPN, and Network Address Translation (NAT).

The Juniper Networks Certification Program (JNCP) Junos Security certification track is a project that permits members to show capability with Juniper Networks technology. Effective applicants exhibit intensive comprehension of security innovation all in all and Junos programming for SRX Series gadgets.

Network administrators and security experts will figure out how to utilize SRX Junos administrations doors to address an array of enterprise data network requirements—including IP routing, intrusion detection, assault alleviation, unified threat management, and WAN acceleration. Junos® Security is a reasonable and nitty gritty guide to the SRX product offerings.

JNCIS

JNCIS-SEC

The JNCIS-SEC exam has been designed for networking professionals who are experienced and have intermediate knowledge when it comes to the Junos software from the Juniper Network. The examination, which is conducted in a written format, aims to verify the understanding of the candidate in terms of security technologies as well as related troubleshooting and platform configuration. The exam topics of JNCIS-SEC are based keeping in mind the content of training courses led by recommended instructors. The JNCIS-SEC certification carries a validity of two years following which students can get recertified by clearing the JNO-332 examination.

Overview of the course:

  • Security Overview: Identification of general features. Concepts and functionality of the Junos OS security, Branch vs high end platforms, packet flow, Junos security architecture, packet based vs session based forwarding.
  • Zones: Description of the benefits, operation and concept of zones, dependencies, zone types, transit packet behaviour, zone configuration steps, monitoring and troubleshooting, etc
  • Security policies: Description of the benefits, operation and concept of security policies, types of policy, to the device traffic examination, policy components, re-matching, scheduling, ALGs, address books, monitoring, configuring and troubleshooting security policies, etc.
  • Firewall user authentication: Description of the benefits, operation and concept of firewall user authentication, authentication server support, client groups, etc.
  • Screens: Description of the benefits, operation and concept of screens, screen options, attack types and phases, screen configuration.
  • NAT: Description of the benefits, operation and concept of NAT, NAT/PAT processing, NAT types, etc.
  • IPSec VPNs: Description of the benefits, operation and concept of IPSec VPNs, IPSec tunnel establishment, Junos OS IPSec implementation options, etc.
  • High Availability (HA) Clustering: Description of the benefits, operation and concept of HA, characteristics and features of HA, requirements and considerations of deployment, cluster modes, redundancy groups, real time objects, etc
  • Unified Threat Management (UTM): Description of the benefits, operation and concept of UTM, licensing, packet flow, white-list vs blacklist etc.

JNCIP

The JNCIP examination has a course structure that includes:

  • Application-Aware Security Services: Description of the operation, functionality and concepts of AppSecure, AppID, AppSecure traffic processing, AppFW, AppTrack, AppQoS, AppDos and monitoring, configuration and troubleshooting of various modules in AppSecure.
  • Virtualisation: Description of the operation, functionality and concepts of the various components of virtualisation on the SRX Series Services Gateways, RIB groups, Logical systems, routing instances, Intra-LSYS as well as Inter-LSYS communication and demonstration of knowledge of monitoring, configuration and troubleshooting the various elements in terms of virtualisation.
  • Advanced NAT: Description of the operation, functionality and concepts of NAT, destination NAT, NAT traffic processing, Static NAT, Persistent NAT, Source NAT, NAT traversal, double NAT, DNS doctoring, routing, IPv6 NAT (Carrier-grade NAT) – NAT64, NAT444, NAT46, DS-Lite, NAT and FBF, and demonstration of knowledge of monitoring, configuration and troubleshooting of advanced level of NAT implementations.
  • Advanced IPSec VPNs: Description of the operation, functionality and concepts of the different IPSec VPN implementations, site to site VPN’s, Group VPN’s, VPNs and NAT, PKI for IPSec VPNs as well as VPNs and dynamic gateways. In addition to this a demonstration of knowledge of monitoring, configuration and troubleshooting of various advanced IPSec VPN implementations will also be sought from students.
  • Intrusion Prevention: Description of the operation, functionality and concepts of Intrusion Prevention System in Junos for SRX Series Services Gateways, IPS rulebases and rules, IPS packet inspection process, attack detection based on signature, spoofing, flooding attacks, fingerprinting and reconnaissance scans, network settings, scan prevention, attack database etc.
  • Transparent Mode: Description of the operation, functionality and concepts of the various transparent mode implementations, VLAN translation, High availability, IRB, spanning tree traffic processing, Layer 2 security, etc
  • Troubleshooting: Demonstration of knowledge of troubleshooting Junos OS security issues, SNMP, Flow analysis, tracing, policy flow, show commands, packet capture.