Implementing Juniper Networks Secure Analytics (IJSA)

Course Number:



This course is intended for network engineers, support personnel, reseller support and anyone responsible for implementing the JSA system.
Course Duration:
3 days


This course assumes experience in network security administration and a basic knowledge of network security concepts and TCP/IP operation.

Course Objectives:

After successfully completing this course, students should be able to:

  • Explain the role of the Network Director
  • Describe the JSA system and its basic functionality
  • Describe the hardware used with the JSA system
  • Identify the technology behind the JSA system
  • Identify the JSA system’s primary design divisions; display versus detection, and events versus traffic
  • Plan and prepare for a new installation
  • Access the administration console
  • Configure the network hierarchy
  • Configure the automatic update process
  • Access the Deployment Editor
  • Describe the JSA system’s internal processes
  • Describe event and flow source configuration
  • List key features of the JSA architecture
  • Describe the JSA system’s processing logic
  • Interpret the correlation of flow and event data
  • List the architectural component that provides each key function
  • Describe Events and explain where they come from
  • Access the Log Activity interface
  • Execute Event searches
  • Describe flows and their origin
  • Configure the Network Activity interface
  • Execute Flow searches
  • Specify the JSA system’s Asset Management and Vulnerability Assessment functionality
  • Access the Assets interface
  • View Asset Profile data
  • View Server Discovery
  • Access the Vulnerability Assessment Scan Manager to produce vulnerability assessments (VAs)
  • Access vulnerability scanner configuration
  • View vulnerability profiles
  • Describe rules
  • Configure rules
  • Configure Building Blocks (BBs)
  • Explain how rules and flows work together
  • Access the Offense Manager interface
  • Understand Offense types
  • Configure Offense actions
  • Navigate the Offense interface
  • Explain the Offense summary screen
  • Search Offenses
  • Use the JSA system’s Reporting functionality to produce graphs and reports
  • Navigate the Reporting interface
  • Configure Report Groups
  • Demonstrate Report Branding
  • View Report formats
  • Identify the basic information on maintaining and troubleshooting the JSA system
  • Navigate the JSA dashboard
  • List flow and event troubleshooting steps
  • Access the Event Mapping Tool
  • Configure Event Collection for Junos devices
  • Configure Flow Collection for Junos devices
  • Explain High Availability (HA) functionality on a JSA device
Course Outline:
  • Course Introduction


  • Product Overview
    • Overview of the JSA Series Device
    • Hardware
    • Collection
    • Operational Flow


  • Initial Configuration
    • A New Installation
    • Administration Console
    • Platform Configuration
    • Deployment Editor
    • Lab One: Initial Configuration


  • Architecture
    • Processing Log Activity
    • Processing Network Activity
    • JSA Deployment Options


  • Log Activity
    • Log Activity Overview
    • Configuring Log Activity
    • Lab Two: Log Activity


  • Network Activity
    • Network Activity Overview
    • Configuring Network Activity
    • Lab Three: Network Activity


  • Assets and Vulnerability Assessment
    • Asset Interface
    • Vulnerability Assessment
    • Vulnerability Scanners
    • Lab Four: Assets and Vulnerability Assessment


  • Rules
    • Rules
    • Configure Rules and Building Blocks
    • Lab Five: Rules


  • Offense Manager
    • Offense Manager
    • Offense Manager Configuration
    • Offense Investigation
    • Lab Six: Configure the Offense Manager


  • JSA Reporting
    • Reporting Functionality
    • Reporting Interface
    • Lab Seven: Reporting


  • Basic Tuning and Troubleshooting
    • Basic Tuning
    • Troubleshooting


  • Configuring Junos Devices for Use with JSA
    • Collecting Junos Events
    • Collecting Junos Flows
    • Lab Eight: Configuring Junos Devices for JSA


  • Appendix A: High Availability
    • High Availability
    • Configuring High Availability

Related Posts

About Us

IT Training, Agile Ways of Working and High Impact Talent Development Strategies

Let Us Come to You!

Classes recently delivered in: Atlanta, Boston, Chicago, Columbus, Dallas, Detroit, Indianapolis, Jerusalem, London, Milan, New York, Palo Alto, Phoenix, Pittsburgh, Portland, Raleigh, San Antonio, San Diego, San Francisco, San Jose, Seattle, Springfield, Mass., St. Louis, Tampa and more!