This three-day CJFV is the first course in the ScreenOS curriculum. The instructor-led course focuses on configuration of the Juniper Firewall/VPN products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation and VPN implementations.

Students will have the opportunity to configure Juniper Firewall/VPN devices in a variety of lab scenarios.

Audience: Network engineers, technical support personnel, reseller support engineers and others responsible for implementing and or maintaining the Juniper Networks products covered in this course.
Course Duration: 3 days
Prerequisites:

This course assumes students have basic networking knowledge and experience in the following areas:

  • Ethernet
  • Transparent Bridging
  • TCP/IP Operations
  • IP Addressing
  • Routing
Course Objectives:
  • Juniper Networks Security concepts
  • Security architecture
  • Transparent mode and Layer 2 operations
  • Layer 3 operations/configuration
  • Policy options and configuration
  • Attack prevention
  • Address translation options
  • VPN concepts
  • Route-based VPNs
  • Policy-based VPNs
  • Netscreen remote client
Course Outline:
  • Course Introduction

 

  • ScreenOS Concepts, Terminology and Platforms
    • Security Device Requirements
    • ScreenOS Security Architecture
    • Juniper Networks Platforms

 

  • Initial Connectivity
    • System Components
    • Establishing Connectivity
    • Verifying Connectivity

 

  • Device Management
    • Management
    • Recovery

 

  • Layer 3 Operations
    • Need for Routing
    • Configuring Layer 3
    • Verifying Layer 3
    • Loopback Interface
    • Interface-Based NAT

 

  • Basic Policy Configuration
    • Functionality
    • Policy Configuration
    • Common Problems
    • Global Policy
    • Verifying Policies

 

  • Policy Options
    • Overview
    • Logging
    • Counting
    • Scheduling
    • User Authentication

 

  • Address Translation
    • Scenarios
    • NAT-src
    • NAT-dst
    • VIP Addresses
    • MIP Addresses

 

  • Transparent Mode (Optional)
    • Description
    • Configuration
    • Verifying Operations

 

  • VPN Concepts
    • Concepts and Terminology
    • IP Security

 

  • Policy-Based VPNs
    • Configuration
    • Verifying Operations

 

  • Route-Based VPNs
    • Concepts and Terminology
    • Configuring VPNs
    • Verifying IPv